CLSA-2026-1779694105 Fix CVE(s): CVE-2026-42307
SECURITY UPDATE: fix shell-injection in netrw via crafted sftp:// and file:// URLs by escaping the tempfile name and restricting the filename-suffix regex to word characters runtime/autoload/netrw.vim, upstream patch 9.2.0383 - debian/patches/CVE-2026-42307.patch: fix shell-injection in netrw via...